Berta CMS versions prior to 0.8.10b suffer from an issues where images with a ".php" extension can be uploaded and all that is required is that they pass the PHP getimagesize() function and have suitable dimensions.
e48ff1b6047e08c0020b9a706603986a8de01a2d4214892be753857895596f7dRed Hat Security Advisory 2015-0729-01 - The setroubleshoot packages provide tools to help diagnose SELinux problems. When Access Vector Cache messages are returned, an alert can be generated that provides information about the problem and helps to track its resolution. It was found that setroubleshoot did not sanitize file names supplied in a shell command look-up for RPMs associated with access violation reports. An attacker could use this flaw to escalate their privileges on the system by supplying a specially crafted file to the underlying shell command.
886ca51910f7b3e67238a1bcd37edc906783dbebed7f167e1e754b54e5873db6Red Hat Security Advisory 2015-0726-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system. A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system.
556554dce153edd407f9ed35ad9b2549c021b7f9b903d6312f589dbd7a1fc644Red Hat Security Advisory 2015-0728-01 - Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. It integrates components of the Red Hat Directory Server, MIT Kerberos, Red Hat Certificate System, NTP, and DNS. It provides web browser and command-line interfaces. Its administration tools allow an administrator to quickly install, set up, and administer a group of domain controllers to meet the authentication and identity management requirements of large-scale Linux and UNIX deployments. The ipa component provides centrally managed Identity, Policy, and Audit. The slapi-nis component provides NIS Server and Schema Compatibility plug-ins for Directory Server.
6cdcbb2c397b1da67c30029fe3637fa6aee1cffe66a58e6a940c98ef292af739Red Hat Security Advisory 2015-0727-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system. A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system.
93ffce7a0d7ad072f776414c7cc064b9e424786af1d4ad30ac44a27570ab282aSamhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
2b99cc85368d0e7ec41fc78a638e2478164f14d0c78d0adf6d917da358ade161WordPress Aspose Cloud eBook Generator plugin suffers from an arbitrary file download vulnerability.
946d92ef5d98fe6088b0968e8e32269f8e88de346638aa86691a69187392f267EMC OneFS contains a security fix to address a privilege escalation vulnerability that may potentially be exploited by attackers to compromise the affected system. EMC Isilon OneFS versions 6.5.x.x, 7.0.1.x, 7.0.2.0 through 7.0.2.12, 7.1.0.0 through 7.1.0.5, 7.1.1.0 through 7.1.1.1, and 7.2.0.0 are affected.
8532149045cfe63568349639fe7392f1d2ca3cdac10e41e16fc14dec2a17f047Cisco Security Advisory - Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers (ASR), Cisco 4400 Series Integrated Services Routers (ISR), and Cisco Cloud Services Routers (CSR) 1000v Series contain denial of service and remote code execution vulnerabilities. Cisco has released free software updates that address these vulnerabilities.
e3904c4c544c8a55fe7a08d4189f9cb4bc54ecf9fad8f768b78e40310bf563a3Cisco Security Advisory - The Autonomic Networking Infrastructure (ANI) feature of Cisco IOS Software and IOS XE Software has multiple vulnerabilities which could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or gain limited command and control of the device. Cisco has released free software updates that address these vulnerabilities.
9d4b5a2a4174e548dd6478d7db85d0f287c344d501273c6636c09095f01bf7c2Cisco Security Advisory - The Cisco IOS Software implementation of the Common Industrial Protocol (CIP) feature contains denial of service and memory leak vulnerabilities. Cisco has released free software updates that address these vulnerabilities.
5c97ab8cde4eaa52ad5bbbb019e5e086be99d10d89039b78051532101aa3893bCisco Security Advisory - Devices running Cisco IOS Software or IOS XE Software contain vulnerabilities within the Internet Key Exchange (IKE) version 2 subsystem that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to how an affected device processes certain malformed IKEv2 packets. An attacker could exploit these vulnerabilities by sending malformed IKEv2 packets to an affected device to be processed. A successful exploit could allow the attacker to cause a reload of the affected device or excessive consumption of resources that would lead to a DoS condition. IKEv2 is automatically enabled on devices running Cisco IOS and Cisco IOS XE Software when the Internet Security Association and Key Management Protocol (ISAKMP) is enabled. These vulnerabilities can be triggered only by sending malformed IKEv2 packets. There are no workarounds for the vulnerabilities described in this advisory. Cisco has released free software updates that address these vulnerabilities.
0e99f457a00039ffb941af93c3f394d33f295fcda8ea2b1eaf6b2ff6710ee30fCisco Security Advisory - A vulnerability in the multicast DNS (mDNS) gateway function of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to reload the vulnerable device. The vulnerability is due to improper validation of mDNS packets. An attacker could exploit this vulnerability by sending malformed IP version 4 (IPv4) or IP version 6 (IPv6) packets on UDP port 5353. An exploit could allow the attacker to cause a denial of service (DoS) condition. Cisco has released free software updates that address this vulnerability.
b7dd6a8f566bf357465462871ebb14bc469a2c42c8e0e58ef0b8691f1ea33244Cisco Security Advisory - A vulnerability within the virtual routing and forwarding (VRF) subsystem of Cisco IOS software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a failure to properly process malicious ICMP version 4 (ICMPv4) messages received on a VRF-enabled interface. An attacker could exploit this vulnerability by submitting ICMPv4 messages designed to trigger the vulnerability on an affected device. When the ICMPv4 messages are processed, the packet queue of the affected interface may not be cleared, leading to a queue wedge. When a wedge occurs, the affected device will stop processing any additional packets received on the wedged interface. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.
8bb3e16c91622ced7a506e8173cbfe2134a6dd7fb5f7b20b86fb139f17b61f01Realms Wiki uses insecure transport during install and due to this an attacker in a privileged position could achieve remote code execution.
4f568ca2e277c33afd5ba0f09e55744f8174cc394efff4f5d14d96ff8cdee252Realms Wiki suffers from a cross site request forgery vulnerability.
76698182beabf946f364524d2347cb5198c06f12b7a17d4f24120c19c10ee709Mini-Stream Ripper version 2.7.7.100 local buffer overflow exploit with message box shellcode.
e5daae6d4a7fbf7f28c2cb416cb108fc4086f777944a3257d91c5bb1a73e3498WSO2 Identity Server versions 4.5.0, 4.6.0, and 5.0.0 suffer from authentication bypass and cross site scripting vulnerabilities.
6680a7e463046ee138266816668db4cf56362edb02b8e6d3cff5088123687903
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed